Message ID | 20191128150524.31487-1-benjamin.romer@canonical.com |
---|---|
Series | Patch for CVE-2019-18660 |

On 28.11.19 16:05, Benjamin M Romer wrote:
> CVE-2019-18660:
>
> The Linux kernel through 5.3.13 on powerpc allows Information Exposure
> because the Spectre-RSB mitigation is not in place for all applicable
> CPUs, aka CID-39e72bf96f58. This is related to
> arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
>
> Christopher M. Riedl (1):
>   powerpc/64s: support nospectre_v2 cmdline option
>
> Michael Ellerman (2):
>   powerpc/book3s64: Fix link stack flush on context switch
>   KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
>
>  arch/powerpc/include/asm/asm-prototypes.h | 3 +
>  arch/powerpc/include/asm/security_features.h | 3 +
>  arch/powerpc/kernel/entry_64.S | 6 ++
>  arch/powerpc/kernel/security.c | 74 ++++++++++++++++++--
>  arch/powerpc/kvm/book3s_hv_rmhandlers.S | 28 ++++++++
>  5 files changed, 108 insertions(+), 6 deletions(-)
>

Acked-by: Stefan Bader <stefan.bader@canonical.com>

On 2019-11-28 16:05, Benjamin M Romer wrote:
> CVE-2019-18660:
>
> The Linux kernel through 5.3.13 on powerpc allows Information Exposure
> because the Spectre-RSB mitigation is not in place for all applicable
> CPUs, aka CID-39e72bf96f58. This is related to
> arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
>
> Christopher M. Riedl (1):
>   powerpc/64s: support nospectre_v2 cmdline option
>
> Michael Ellerman (2):
>   powerpc/book3s64: Fix link stack flush on context switch
>   KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
>
>  arch/powerpc/include/asm/asm-prototypes.h | 3 +
>  arch/powerpc/include/asm/security_features.h | 3 +
>  arch/powerpc/kernel/entry_64.S | 6 ++
>  arch/powerpc/kernel/security.c | 74 ++++++++++++++++++--
>  arch/powerpc/kvm/book3s_hv_rmhandlers.S | 28 ++++++++
>  5 files changed, 108 insertions(+), 6 deletions(-)
>

Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

On 2019-11-28 16:05, Benjamin M Romer wrote:
> CVE-2019-18660:
>
> The Linux kernel through 5.3.13 on powerpc allows Information Exposure
> because the Spectre-RSB mitigation is not in place for all applicable
> CPUs, aka CID-39e72bf96f58. This is related to
> arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
>
> Christopher M. Riedl (1):
>   powerpc/64s: support nospectre_v2 cmdline option
>
> Michael Ellerman (2):
>   powerpc/book3s64: Fix link stack flush on context switch
>   KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
>
>  arch/powerpc/include/asm/asm-prototypes.h | 3 +
>  arch/powerpc/include/asm/security_features.h | 3 +
>  arch/powerpc/kernel/entry_64.S | 6 ++
>  arch/powerpc/kernel/security.c | 74 ++++++++++++++++++--
>  arch/powerpc/kvm/book3s_hv_rmhandlers.S | 28 ++++++++
>  5 files changed, 108 insertions(+), 6 deletions(-)
>

Applied to bionic/master-next branch.

Thanks,
Kleber